Appl. No. 10/668,867 
Amdt. dated March 28, 2008 

Reply to Office Action of December 28, 2007 

This listing of claims replaces all prior versions, 
and listings of claims in the instant application: 

Listing of Claims: 

1. (Currently Amended) A method for digital content 
access control, comprising: 

sending, by an end-user device to a content 
provisioner, a digital content request comprising a 
request for digital content; 

receiving, from said content provisioner by said 
end-user device, an authenticated digital content 
request including one or more delivery parameters in 
response to said sending said digital content request; 

sending, by said end-user device, said 
authenticated digital content request including one or 
more delivery parameters to a content repository that 
provides storage for said digital content, said one or 
more delivery parameters identifying a target device 
to receive digital content referenced by said 
authenticated digital content request wherein an end- 
user device comprises said target device; 

receiving, from said content repository by said 
end-user device, encrypted digital content in response 
to said sending said authenticated digital content 
request; and 

sending, by said end-user device, said encrypted 
digital content to said target device identified by 
said one or more delivery parameters, said target 
device for decrypting said encrypted digital content 
to create decrypted digital content and for rendering 
said decrypted digital content on said target device. 

2. (Original) The method of claim 1 wherein 

said digital content request comprises a 
Universal Resource Locator (URL) ; and 
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said authenticated digital content request 
comprises a tokenized URL. 

3. (Original) The method of claim 2 wherein said 
tokenized URL further comprises a token comprising a 
cryptogram based at least in part on an identifier that 
describes the location of said digital content. 

4. (Original) The method of claim 3, further 
comprising sending said token to said target device. 

5. (Original) The method of claim 3 wherein said 
token is from a token pool associated with the location of 
digital content for which access is authorized. 

6. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a serial number 
uniquely identifying said target device. 

7. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a master key 
indicator for use in decrypting an encrypted form of said 
digital content . 

8. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a key derivation 
process indicator for use in deriving a cryptographic key 
for decrypting an encrypted form of said digital content. 

9. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a cryptographic 
process indicator that specifies a cryptographic process 
supported by said target device. 
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10. (Currently Amended) A program storage device 
readable by a machine, embodying a program of instructions 
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executable by the machine to perform a method for digital 
content access control, the method comprising: 

sending, by an end-user device to a content 
provisioner, a digital content request comprising a 
request for digital content; 

receiving, from said content provisioner by said 
end-user device, an authenticated digital content 
request including one or more delivery parameters in 
response to said sending said digital content request; 

sending, by said end-user device, said 
authenticated digital content request including one or 
more delivery parameters to a content repository that 
provides storage for said digital content, said one or 
more delivery parameters identifying a target device 
to receive digital content referenced by said 
authenticated digital content request wherein an end- 
user device comprises said target device; 

receiving, from said content repository by said 
end-user device, encrypted digital content in response 
to said sending said authenticated digital content 
request; and 

sending, by said end-user device, said encrypted 
digital content to said target device identified by 
said one or more delivery parameters, said target 
device for decrypting said encrypted digital content 
to create decrypted digital content and for rendering 
said decrypted digital content on said target device. 

11. (Original) The program storage device of claim 

10 wherein 

said digital content request comprises a 
Universal Resource Locator (URL) ; and 

said authenticated digital content request 
comprises a tokenized URL. 

12. (Original) The program storage device of claim 

11 wherein said tokenized URL further comprises a token 
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comprising a cryptogram based at least in part on an 
identifier that describes the location of said digital 
content . 



13. (Original) The program storage device of claim 
12, further comprising sending said token to said target 
device . 



14. (Original) The program storage device of claim 
12 wherein said token is from a token pool associated with 
the location of digital content for which access is 
authorized. 



15. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
serial number uniquely identifying said target device. 

16. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
master key indicator for use in decrypting an encrypted 
form of said digital content. 

17. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
key derivation process indicator for use in deriving a 
cryptographic key for decrypting an encrypted form of said 
digital content . 

18. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
cryptographic process indicator that specifies a 
cryptographic process supported by said target device. 

19. (Currently Amended) An apparatus for digital 
content access control, comprising: 
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means for sending, by an end-user device to a 
content provisioner, a digital content request 
comprising a request for digital contents- 
means for receiving, from said content 
provisioner by said end-user device, an authenticated 
digital content request including one or more delivery 
parameters in response to said sending said digital 
content requests- 
means for sending, by said end-user device, said 
authenticated digital content request including one or 
more delivery parameters to a content repository that 
provides storage for said digital content, said one or 
more delivery parameters identifying a target device 
to receive digital content referenced by said 
authenticated digital content request wherein an end- 
user device comprises said target device; 

means for receiving, from said content repository 
by said end-user device, encrypted digital content in 
response to said sending said authenticated digital 
content request; and 

means for sending, by said end-user device, said 
encrypted digital content to said target device 
identified by said one or more delivery parameters, 
said target device for decrypting said encrypted 
digital content to create decrypted digital content 
and for rendering said decrypted digital content on 
said target device. 

20. (Original) The apparatus of claim 19 wherein 
said digital content request comprises a 

Universal Resource Locator (URL) ; and 

said authenticated digital content request 

comprises a tokenized URL. 
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cryptogram based at least in part on an identifier that 
describes the location of said digital content. 

22. (Original) The apparatus of claim 21, further 
comprising means for sending said token to said target 
device . 

23. (Original) The apparatus of claim 21 wherein 
said token is from a token pool associated with the 
location of digital content for which access is authorized. 

24. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a serial 
number uniquely identifying said target device. 

25. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a master key 
indicator for use in decrypting an encrypted form of said 
digital content . 

26. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a key 
derivation process indicator for use in deriving a 
cryptographic key for decrypting an encrypted form of said 
digital content. 

27. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a 
cryptographic process indicator that specifies a 
cryptographic process supported by said target device. 

28. (Currently Amended) An apparatus for digital 
content access control, the apparatus comprising: 

a memory for storing said digital content; and 
a processor configured to: 
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send, by an end-user device to a content 
provisioner, a digital content request comprising 
a request for digital content; 

receive, from said content provisioner by 
said end-user device, an authenticated digital 
content request including one or more delivery 
parameters in response to said sending said 
digital content request; 

send, by said end-user device, said 
authenticated digital content request including 
one or more delivery parameters to a content 
repository that provides storage for said digital 
content, said one or more delivery parameters 
identifying a target device to receive digital 
content referenced by said authenticated digital 
content request wherein an end-user device 
comprises said target device; 

receive, from said content repository by 
said end-user device, encrypted digital content 
in response to said sending said authenticated 
digital content request; and 

send, by said end-user device, said 
encrypted digital content to said target device 
identified by said one or more delivery 
parameters, said target device for decrypting 
said encrypted digital content to create 
decrypted digital content and for rendering said 
decrypted digital content on said target device.. 



29. (Original) The apparatus of claim 28 wherein 
said processor is further configured to receive said 
digital content in response to said authenticated digital 
content request . 
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30. (Currently Amended) The apparatus of claim 28 
wherein aaid said target device comprises a smart card. 
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31. (Original) The apparatus of claim 30 wherein 
said smart card comprises a Java Card™ technology-enabled 
smart card. 



32. (Original) The apparatus of claim 30 wherein 
said smart card comprises a CDMA (Code Division Multiple 
Access) technology-enabled smart card. 



33. (Original) The apparatus of claim 30 wherein 
said smart card comprises a SIM (Subscriber Identity 
Module) card. 



34. (Original) The apparatus of claim 30 wherein 
said smart card comprises a WIM (Wireless Interface 
Module) . 



35. (Previously Presented) A method for digital 
content access control, comprising: 

receiving, by a target device, a token comprising 
a cryptogram based at least in part on an identifier 
that describes the location of said digital content 
wherein an end-user device comprises said target 
device; 

preparing, on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
devices- 
receiving, on said target device, encrypted 
digital content ; 

decrypting, on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 

rendering, on said target device, said decrypted 
digital content. 
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36. (Original) The method of claim 35 wherein said 
preparing is performed on a smart card. 

37. (Original) The method of claim 35 wherein said 
token is from a token pool associated with the location of 
digital content for which access is authorized. 

38. (Previously Presented) A method for digital 
content access control, comprising: 

receiving, on a target device, a tokenized URL 
comprising a token having a cryptogram based at least 
in part on an identifier that describes the location 
of said digital content wherein an end-user device 
comprises said target device; 

preparing, on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
device ; 

receiving, on said target device, encrypted 
digital content; 

decrypting, on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 

rendering, on said target device ^ said decrypted 
digital content. 

39. (Original) The method of claim 38 wherein said 
preparing is performed on a smart card. 
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40. (Original) The method of claim 38 wherein said 
token is from a token pool associated with the location of 
digital content for which access is authorized. 
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41. (Previously Presented) A program storage device 
readable by a machine, embodying a program of instructions 
executable by the machine to perform a method for digital 
content access control, the method comprising: 

receiving, by a target device, a token comprising 
a cryptogram based at least in part on an identifier 
that describes the location of said digital content 
wherein said target device comprises an end-user 
devices- 
preparing, on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
devices- 
receiving, on said target device, encrypted 
digital contents- 
decrypting, on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 

rendering, on said target device, said decrypted 
digital content. 

42. (Original) The program storage device of claim 
41 wherein said preparing is performed on a smart card. 

43. (Original) The program storage device of claim 
41 wherein said token is from a token pool associated with 
the location of digital content for which access is 
authorized. 
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receiving, on a target device, a tokenized URL 
comprising a token having a cryptogram based at least 
in part on an identifier that describes the location 
of said digital content wherein an end-user device 
comprises said target device; 

preparing, on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
device; 

receiving, on said target device, encrypted 
digital content; 

decrypting, on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 

rendering, on said target device, said decrypted 
digital content. 

45. (Original) The program storage device of claim 
44 wherein said preparing is performed on a smart card. 

46. (Original) The program storage device of claim 
44 wherein said token is from a token pool associated with 
the location of digital content for which access is 
authorized. 
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47. (Previously Presented) An apparatus for digital 
content access control, comprising: 

means for receiving, by a target device, a token 
comprising a cryptogram based at least in part on an 
identifier that describes the location of said digital 
content wherein an end-user device comprises said 
target device; 

means for preparing, on said target device, a 
session key, said preparing comprising applying a 
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cryptographic process to a key based at least in part 
on said token together with a target key to create 
said session key, said target key based at least in 
part on a master key and a target ID, said target ID 
identifying a target device;- 

means for receiving, on said target device, 
encrypted digital content; 

means for decrypting, on said target device, said 
encrypted digital content using said session key to 
create decrypted digital content; and 

means for rendering, on said target device, said 
decrypted digital content. 

48. (Original) The apparatus of claim 47 wherein 
said means for preparing comprises a smart card. 

49. (Original) The apparatus of claim 47 wherein 
said token is from a token pool associated with the 
location of digital content for which access is authorized. 

50. (Previously Presented) An apparatus for digital 
content access control, comprising: 

means for receiving, on a target device, a 
tokenized URL comprising a token having a cryptogram 
based at least in part on an identifier that describes 
the location of said digital content wherein an end- 
user device comprises said target device; 

means for preparing, on said target device, a 
session key, said preparing comprising applying a 
cryptographic process to a key based at least in part 
on said token together with a target key to create 
said session key, said target key based at least in 
part on a master key and a target ID, said target ID 
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identifying a target device; 

means for receiving, on said target device, 
encrypted digital content; 
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means for decrypting, on said target device, said 
encrypted digital content using said session key to 
create decrypted digital content; and 

means for rendering, on said target device, said 
decrypted digital content. 

51. (Original) The apparatus of claim 50 wherein 
said means for preparing comprises a smart card. 

52. (Original) The apparatus of claim 50 wherein 
said token is from a token pool associated with the 
location of digital content for which access is authorized. 

53. (Previously Presented) An apparatus for digital 
content access control, the apparatus comprising: 



a memory for storing said digital content; and 
a processor, of a target device, configured to: 

receive, by said target device, a token 
comprising a cryptogram based at least in part on 
an identifier that describes the location of said 
digital content wherein an end-user device 
comprises said target device; 

prepare, on said target device, a session 
key, said preparing comprising applying a 
cryptographic process to a key based at least in 
part on said token together with a target key to 
create said session key, said target key based at 
least in part on a master key and a target ID, 
said target ID identifying a target device; 

receive, on said target device, encrypted 
digital content; 

decrypt, on said target device, said 
encrypted digital content using said session key 
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to create decrypted digital content; and 
render, on said target device, said 
decrypted digital content. 
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54. (Original) The apparatus of claim 53 wherein 
.said apparatus comprises a smart card. 

55. (Original) The apparatus of claim 54 wherein 
said smart card comprises a Java Card^" technology-enabled 
smart card . 

56. (Original) The apparatus of claim 54 wherein 
said smart card comprises a CDMA (Code Division Multiple 
Access) technology- enabled smart card. 

57. (Original) The apparatus of claim 54 wherein 
said smart card comprises a SIM (Subscriber Identity 
Module) card. 

58. (Original) The apparatus of claim 54 wherein 
said smart card comprises a WIM (Wireless Interface 
Module) . 
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